1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-12-22 10:19:57 +01:00

scd: Add condition for VERIFY with 0x82.

* scd/app-openpgp.c (verify_chv2): Check availability of keys in
question.

--

Backport master commit of:
	af189be481df02a77e088aa0a60a1fc02dfa12bf

With buggy Gnuk (<= 1.2.15), when no encr/auth keys are available,
it fails decrementing the signature error counter.  This change
can avoid the issue.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
This commit is contained in:
NIIBE Yutaka 2020-08-27 10:41:51 +09:00
parent 0be5decc09
commit d2f1a0a791

View File

@ -2361,10 +2361,15 @@ verify_chv2 (app_t app,
if (app->did_chv2)
return 0; /* We already verified CHV2. */
rc = verify_a_chv (app, pincb, pincb_arg, 2, 0, &pinvalue, &pinlen);
if (rc)
return rc;
app->did_chv2 = 1;
if (app->app_local->pk[1].key || app->app_local->pk[2].key)
{
rc = verify_a_chv (app, pincb, pincb_arg, 2, 0, &pinvalue, &pinlen);
if (rc)
return rc;
app->did_chv2 = 1;
}
else
rc = 0;
if (!app->did_chv1 && !app->force_chv1 && pinvalue)
{